Apple Updates Everything (including Studio Display)
Apple today released updates for all of its operating systems. The updates also apply for some of the older versions of iOS and macOS. For iOS/iPadOS 15, Apple now patched an already exploited vulnerability (CVE-2023-23529). Current operating systems received a patch for this vulnerability mid January.
Noteworthy is also that this is the first time, as far as I can recall, that we got a security update for the Studio Display firmware. Firmware updates were released before for the studio display, but they fixed non-security bugs.
| Studio Display Firmware Update 16.4 | Safari 16.4 | iOS 15.7.4 and iPadOS 15.7.4 | iOS 16.4 and iPadOS 16.4 | watchOS 9.4 | tvOS 16.4 | macOS Big Sur 11.7.5 | macOS Monterey 12.6.4 | macOS Ventura 13.3 |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-27965 [important] Display A memory corruption issue was addressed with improved state management. An app may be able to execute arbitrary code with kernel privileges |
||||||||
| x | x | |||||||
| CVE-2023-27932 [moderate] WebKit This issue was addressed with improved state management. Processing maliciously crafted web content may bypass Same Origin Policy |
||||||||
| x | x | x | x | x | ||||
| CVE-2023-27954 [moderate] WebKit The issue was addressed by removing origin information. A website may be able to track sensitive user information |
||||||||
| x | x | x | x | x | x | |||
| CVE-2023-23541 [moderate] Accessibility A privacy issue was addressed with improved private data redaction for log entries. An app may be able to access information about a user?s contacts |
||||||||
| x | x | |||||||
| CVE-2023-27961 [moderate] Calendar Multiple validation issues were addressed with improved input sanitization. Importing a maliciously crafted calendar invitation may exfiltrate user information |
||||||||
| x | x | x | x | x | x | |||
| CVE-2023-23543 [moderate] Camera The issue was addressed with additional restrictions on the observability of app states. A sandboxed app may be able to determine which app is currently using the camera |
||||||||
| x | x | x | ||||||
| CVE-2023-27936 [important] CommCenter An out-of-bounds write issue was addressed with improved input validation. An app may be able to cause unexpected system termination or write kernel memory |
||||||||
| x | x | x | x | |||||
| CVE-2023-23537 [important] Find My A privacy issue was addressed with improved private data redaction for log entries. An app may be able to read sensitive location information |
||||||||
| x | x | x | x | x | ||||
| CVE-2023-27956 [important] FontParser The issue was addressed with improved memory handling. Processing a maliciously crafted image may result in disclosure of process memory |
||||||||
| x | x | x | x | x | ||||
| CVE-2023-27928 [moderate] Identity Services A privacy issue was addressed with improved private data redaction for log entries. An app may be able to access information about a user?s contacts |
||||||||
| x | x | x | x | x | x | |||
| CVE-2023-27946 [moderate] ImageIO An out-of-bounds read was addressed with improved bounds checking. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution |
||||||||
| x | x | x | x | |||||
| CVE-2023-23535 [important] ImageIO The issue was addressed with improved memory handling. Processing a maliciously crafted image may result in disclosure of process memory |
||||||||
| x | x | x | x | x | x | |||
| CVE-2023-27941 [important] Kernel An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. An app may be able to disclose kernel memory |
||||||||
| x | x | |||||||
| CVE-2023-27969 [important] Kernel A use after free issue was addressed with improved memory management. An app may be able to execute arbitrary code with kernel privileges |
||||||||
| x | x | x | x | x | ||||
| CVE-2023-27949 [moderate] Model I/O An out-of-bounds read was addressed with improved input validation. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution |
||||||||
| x | x | x | ||||||
| CVE-2023-28182 [moderate] NetworkExtension The issue was addressed with improved authentication. A user in a privileged network position may be able to spoof a VPN server that is configured with EAP-only authentication on a device |
||||||||
| x | x | x | x | x | ||||
| CVE-2023-27963 [moderate] Shortcuts The issue was addressed with additional permissions checks. A shortcut may be able to use sensitive data with certain actions without prompting the user |
||||||||
| x | x | x | x | x | ||||
| CVE-2023-23529 [critical] *** EXPLOITED *** WebKit A type confusion issue was addressed with improved checks. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. |
||||||||
| x | ||||||||
| CVE-2023-23540 [important] Apple Neural Engine The issue was addressed with improved memory handling. An app may be able to execute arbitrary code with kernel privileges |
||||||||
| x | x | x | ||||||
| CVE-2023-27959 [important] Apple Neural Engine The issue was addressed with improved memory handling. An app may be able to execute arbitrary code with kernel privileges |
||||||||
| x | ||||||||
| CVE-2023-27970 [important] Apple Neural Engine An out-of-bounds write issue was addressed with improved bounds checking. An app may be able to execute arbitrary code with kernel privileges |
||||||||
| x | ||||||||
| CVE-2023-23532 [important] Apple Neural Engine This issue was addressed with improved checks. An app may be able to break out of its sandbox |
||||||||
| x | x | |||||||
| CVE-2023-23527 [moderate] AppleMobileFileIntegrity The issue was addressed with improved checks. A user may gain access to protected parts of the file system |
||||||||
| x | x | x | x | x | x | |||
| CVE-2023-27931 [important] TCC This issue was addressed by removing the vulnerable code. An app may be able to access user-sensitive data |
||||||||
| x | x | x | x | |||||
| CVE-2023-23494 [moderate] CarPlay A buffer overflow was addressed with improved bounds checking. A user in a privileged network position may be able to cause a denial-of-service |
||||||||
| x | ||||||||
| CVE-2023-27955 [moderate] ColorSync The issue was addressed with improved checks. An app may be able to read arbitrary files |
||||||||
| x | x | x | x | |||||
| CVE-2023-23528 [important] Core Bluetooth An out-of-bounds read was addressed with improved bounds checking. Processing a maliciously crafted Bluetooth packet may result in disclosure of process memory |
||||||||
| x | x | |||||||
| CVE-2023-28181 [important] CoreCapture The issue was addressed with improved memory handling. An app may be able to execute arbitrary code with kernel privileges |
||||||||
| x | x | x | x | |||||
| CVE-2023-27937 [moderate] Foundation An integer overflow was addressed with improved input validation. Parsing a maliciously crafted plist may lead to an unexpected app termination or arbitrary code execution |
||||||||
| x | x | x | x | x | x | |||
| CVE-2023-23526 [moderate] iCloud This was addressed with additional checks by Gatekeeper on files downloaded from an iCloud shared-by-me folder. A file from an iCloud shared-by-me folder may be able to bypass Gatekeeper |
||||||||
| x | x | |||||||
| CVE-2023-27929 [important] ImageIO An out-of-bounds read was addressed with improved input validation. Processing a maliciously crafted image may result in disclosure of process memory |
||||||||
| x | x | x | x | |||||
| CVE-2023-27933 [important] Kernel The issue was addressed with improved memory handling. An app with root privileges may be able to execute arbitrary code with kernel privileges |
||||||||
| x | x | x | x | x | ||||
| CVE-2023-27943 [moderate] LaunchServices This issue was addressed with improved checks. Files downloaded from the internet may not have the quarantine flag applied |
||||||||
| x | x | |||||||
| CVE-2023-23525 [important] LaunchServices This issue was addressed with improved checks. An app may be able to gain root privileges |
||||||||
| x | x | |||||||
| CVE-2023-23523 [moderate] Photos A logic issue was addressed with improved restrictions. Photos belonging to the Hidden Photos Album could be viewed without authentication through Visual Lookup |
||||||||
| x | x | |||||||
| CVE-2023-27942 [important] Podcasts The issue was addressed with improved checks. An app may be able to access user-sensitive data |
||||||||
| x | x | x | x | x | ||||
| CVE-2023-28194 [moderate] Safari The issue was addressed with improved checks. An app may be able to unexpectedly create a bookmark on the Home Screen |
||||||||
| x | ||||||||
| CVE-2023-28178 [important] Sandbox A logic issue was addressed with improved validation. An app may be able to bypass Privacy preferences |
||||||||
| x | x | x | ||||||
| CVE-2022-26702 [important] AppleAVD A use after free issue was addressed with improved memory management. An application may be able to execute arbitrary code with kernel privileges |
||||||||
| x | ||||||||
| CVE-2023-27951 [moderate] Archive Utility The issue was addressed with improved checks. An archive may be able to bypass Gatekeeper |
||||||||
| x | x | x | ||||||
| CVE-2023-23534 [important] Carbon Core The issue was addressed with improved checks. Processing a maliciously crafted image may result in disclosure of process memory |
||||||||
| x | x | |||||||
| CVE-2023-27935 [critical] dcerpc The issue was addressed with improved bounds checks. A remote user may be able to cause unexpected app termination or arbitrary code execution |
||||||||
| x | x | x | ||||||
| CVE-2023-27953 [moderate] dcerpc The issue was addressed with improved memory handling. A remote user may be able to cause unexpected system termination or corrupt kernel memory |
||||||||
| x | x | x | ||||||
| CVE-2023-27958 [moderate] dcerpc The issue was addressed with improved memory handling. A remote user may be able to cause unexpected system termination or corrupt kernel memory |
||||||||
| x | x | x | ||||||
| CVE-2023-23514 [important] Kernel A use after free issue was addressed with improved memory management. An app may be able to execute arbitrary code with kernel privileges |
||||||||
| x | x | x | ||||||
| CVE-2023-28200 [important] Kernel A validation issue was addressed with improved input sanitization. An app may be able to disclose kernel memory |
||||||||
| x | x | x | ||||||
| CVE-2023-27962 [important] PackageKit A logic issue was addressed with improved checks. An app may be able to modify protected parts of the file system |
||||||||
| x | x | x | ||||||
| CVE-2023-23542 [important] System Settings A privacy issue was addressed with improved private data redaction for log entries. An app may be able to access user-sensitive data |
||||||||
| x | x | x | ||||||
| CVE-2023-28192 [important] System Settings A permissions issue was addressed with improved validation. An app may be able to read sensitive location information |
||||||||
| x | x | x | ||||||
| CVE-2023-0433 [moderate] Vim Multiple issues were addressed by updating to Vim version 9.0.1191. Multiple issues in Vim |
||||||||
| x | x | x | ||||||
| CVE-2023-0512 [moderate] Vim Multiple issues were addressed by updating to Vim version 9.0.1191. Multiple issues in Vim |
||||||||
| x | x | x | ||||||
| CVE-2023-27944 [important] XPC This issue was addressed with a new entitlement. An app may be able to break out of its sandbox |
||||||||
| x | x | x | ||||||
| CVE-2023-23538 [important] PackageKit A logic issue was addressed with improved checks. An app may be able to modify protected parts of the file system |
||||||||
| x | x | |||||||
| CVE-2023-23533 [important] Sandbox A logic issue was addressed with improved checks. An app may be able to modify protected parts of the file system |
||||||||
| x | x | |||||||
| CVE-2023-27968 [important] AMD A buffer overflow issue was addressed with improved memory handling. An app may be able to cause unexpected system termination or write kernel memory |
||||||||
| x | ||||||||
| CVE-2022-43551 [moderate] curl Multiple issues were addressed by updating curl. Multiple issues in curl |
||||||||
| x | ||||||||
| CVE-2022-43552 [moderate] curl Multiple issues were addressed by updating curl. Multiple issues in curl |
||||||||
| x | ||||||||
| CVE-2023-27934 [critical] dcerpc A memory initialization issue was addressed. A remote user may be able to cause unexpected app termination or arbitrary code execution |
||||||||
| x | ||||||||
| CVE-2023-28180 [moderate] dcerpc A denial-of-service issue was addressed with improved memory handling. A user in a privileged network position may be able to cause a denial-of-service |
||||||||
| x | ||||||||
| CVE-2023-28190 [important] FaceTime A privacy issue was addressed by moving sensitive data to a more secure location. An app may be able to access user-sensitive data |
||||||||
| x | ||||||||
| CVE-2023-27957 [moderate] ImageIO A buffer overflow issue was addressed with improved memory handling. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution |
||||||||
| x | ||||||||
| CVE-2023-27952 [important] Safari A race condition was addressed with improved locking. An app may bypass Gatekeeper checks |
||||||||
| x | ||||||||
| CVE-2023-0049 [moderate] Vim Multiple issues were addressed by updating to Vim version 9.0.1191. Multiple issues in Vim |
||||||||
| x | ||||||||
| CVE-2023-0051 [moderate] Vim Multiple issues were addressed by updating to Vim version 9.0.1191. Multiple issues in Vim |
||||||||
| x | ||||||||
| CVE-2023-0054 [moderate] Vim Multiple issues were addressed by updating to Vim version 9.0.1191. Multiple issues in Vim |
||||||||
| x | ||||||||
| CVE-2023-0288 [moderate] Vim Multiple issues were addressed by updating to Vim version 9.0.1191. Multiple issues in Vim |
||||||||
| x | ||||||||
---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu
Twitter|
My next class:
| Application Security: Securing Web Apps, APIs, and Microservices | Washington | Dec 13th - Dec 18th 2024 |
×
![modal content]()
Diary Archives
Comments